Privacy Policy
Last updated: 29 June 2026
Orosfort Private Limited ("we", "us", "our") operates geocited.io. This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website or purchase the GEO Audit + Action Checklist.
1. Who We Are
Data Controller: Orosfort Private Limited
Registered in India | Chennai, Tamil Nadu, India
Email: privacy@geocited.io
2. Data We Collect
When you complete our intake form or contact us, we collect:
- Your name and work email address
- Your company name and website URL
- A description of your product or service
- Your target buyer profile and competitor names
- Any additional notes you choose to share
We also collect standard server logs (IP address, browser type, pages visited) for security and performance purposes.
3. Payment Data
All payments are processed by Stripe, Inc. We do not collect, store, or handle your card number or financial credentials. When you check out, you interact directly with Stripe's secure infrastructure. Stripe is a registered data processor under applicable law.
Stripe Privacy Policy: stripe.com/privacy
4. How We Use Your Data
- To perform the GEO Audit + Action Checklist and deliver your report
- To send payment confirmations and your completed deliverable
- To respond to questions or support requests
- To improve our service quality
- To comply with legal and regulatory obligations
We do not sell, rent, or trade your personal data to any third party.
5. Legal Basis for Processing
- Contract performance — to deliver the service you purchased
- Legitimate interests — to operate and improve our business
- Legal obligation — where required by applicable Indian law
- Consent — where explicitly provided (e.g. marketing emails)
6. Third-Party Service Providers
| Provider | Purpose | Privacy Policy |
|---|---|---|
| Stripe, Inc. | Payment processing | stripe.com/privacy |
| Google LLC (GA4) | Anonymised website analytics | policies.google.com/privacy |
| Google LLC (GTM) | Tag management | policies.google.com/privacy |
7. Data Retention
Audit intake data and deliverables are retained for up to 3 years from delivery date, after which they are securely deleted. Payment records are retained for 8 years as required by Indian tax law. You may request deletion at any time (subject to our legal retention obligations).
8. Your Rights
You have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate or incomplete data
- Request deletion of your data
- Withdraw consent at any time (without affecting prior processing)
- Object to or restrict certain processing
- Lodge a complaint with a supervisory authority
To exercise any right, email privacy@geocited.io. We will respond within 30 days.
9. India — DPDP Act 2023
We comply with India's Digital Personal Data Protection Act 2023 (DPDPA). As a Data Fiduciary, we: collect only the data necessary for stated purposes; implement reasonable security safeguards; and will notify affected individuals and the Data Protection Board of India in the event of a personal data breach. You may withdraw consent or request erasure at any time by contacting us at privacy@geocited.io.
10. International Transfers
Your data may be processed outside India by our service providers (Stripe — USA; Google — USA). Where this occurs, we rely on those providers' standard data protection commitments and certifications. We remain responsible for ensuring your data is handled in accordance with this policy.
11. Security
We implement HTTPS encryption across all pages, restrict access to personal data to those who need it to deliver the service, and follow industry-standard security practices. No method of electronic transmission is 100% secure; we cannot guarantee absolute security.
12. Cookies
We use cookies as described in our Cookie Policy.
13. California Residents — CCPA / CPRA
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
- Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you, and how we use and share it.
- Right to Delete: Request deletion of your personal information, subject to certain exceptions.
- Right to Correct: Request correction of inaccurate personal information.
- Right to Opt Out of Sale or Sharing: We do not sell or share personal information for cross-context behavioural advertising purposes.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.
To submit a request under CCPA/CPRA, email privacy@geocited.io with the subject line "California Privacy Request". We will respond within 45 days.
Categories of personal information collected: Identifiers (name, email, company name); commercial information (services purchased); internet activity (site usage via analytics).
Business purpose for collection: To deliver the GEO Audit + Action Checklist and operate our business.
No sale of personal information: We do not sell personal information to third parties.
14. US State Privacy Laws
Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), and other US states with comprehensive privacy laws may have similar rights to those described above. To exercise your rights under any applicable US state privacy law, email privacy@geocited.io.
15. Children
Our service is directed at businesses and professionals. We do not knowingly collect personal data from individuals under the age of 18.
16. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated by updating the "Last updated" date above. Continued use of the service after a change constitutes acceptance of the revised policy.
17. Contact
Orosfort Private Limited
Chennai, Tamil Nadu, India
Email: privacy@geocited.io
California / US privacy requests: privacy@geocited.io (subject: "Privacy Request")